Find the flag.
Solution
The source of the problem is shown below.
#!/usr/bin/env node
var parser = require('http-string-parser');
var net = require('net');
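// TCP side of the challenge: any client that sends data receives one fixed
// "wrong transport" page, and the connection is then closed. The request
// content is never inspected.
//
// NOTE(review): a client that connects and never sends anything keeps its
// socket open indefinitely; consider socket.setTimeout() if this listener is
// exposed outside a CTF.
const server_tcp = net.createServer();

server_tcp.on('connection', function (socket) {
  // A peer that resets the connection makes the socket emit 'error'. With no
  // listener registered, that event is thrown and terminates the whole process,
  // taking the UDP service down with it.
  socket.on('error', function (err) {
    console.error('tcp socket error:', err.message);
  });

  // once() rather than on(): the reply ends the socket, so a second 'data'
  // event would call end() with a payload on a stream that is already finished
  // and raise a write-after-end error.
  socket.once('data', function () {
    socket.end('HTTP/1.0 301 Moved Permanently\r\nServer: multi-transport-server\r\nConnection: close\r\n\r\n<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"/><title>wrong transport</title></head><body><h1>wrong transport</h1></body></html>');
  });
});

server_tcp.listen(3679, '0.0.0.0');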
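const dgram = require('dgram');

// UDP side of the challenge: each datagram is parsed as an HTTP request and
// answered with a single datagram sent back to the sender's address and port.
//
// NOTE(review): UDP source addresses are not verified, and the HTML replies are
// larger than a minimal request, so a publicly reachable instance can be made
// to send unsolicited traffic to a spoofed address. Outside a CTF, rate-limit
// per source or keep replies no larger than the request.
const server_udp = dgram.createSocket('udp4');

server_udp.on('message', function (message, remote) {
  // Locals instead of undeclared names: assigning to undeclared `request` and
  // `response` creates globals shared by every datagram and is a ReferenceError
  // in strict mode.
  let body;
  try {
    const request = parser.parseRequest(message.toString());

    if (request.method !== 'PUT') {
      body = 'HTTP/1.0 405 Method Not Allowed\r\nServer: multi-transport-server\r\nConnection: close\r\n\r\n<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"/><title>405 Method Not Allowed</title></head><body><h1>405 Method Not Allowed</h1></body></html>';
    } else {
      // NOTE(review): header values are assumed to be strings as produced by
      // parser.parseRequest; confirm against the http-string-parser version in use.
      const wantFlag = request.headers['i-want-flag'];

      if (wantFlag == null) {
        // `== null` matches both null and undefined, like the loose comparison
        // with undefined it replaces.
        body = 'HTTP/1.0 200 OK\r\nServer: multi-transport-server\r\nConnection: close\r\n\r\n<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"/><title>Header i-want-flag missing</title></head><body><h1>Header i-want-flag missing</h1></body></html>';
      } else if (wantFlag !== 'false') {
        body = 'HTTP/1.0 200 OK\r\nServer: multi-transport-server\r\nX-Dumbledore: Only a person who wanted to find the flag - find it, but not use it - would be able to get it\r\nConnection: close\r\n\r\n<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"/><title>Header i-want-flag wrong</title></head><body><h1>Header i-want-flag wrong</h1></body></html>';
      } else {
        body = 'flag: a real testament to a work of art is the number of copies that it has inspired';
      }
    }
  } catch (err) {
    // The datagram is untrusted text. Whether parseRequest can throw on
    // malformed input is not visible here; this guard keeps one bad datagram
    // from stopping the service if it does. The payload itself is not logged.
    console.error('udp: could not handle datagram:', err.message);
    return;
  }

  // Buffer.from() replaces the deprecated `new Buffer()` constructor.
  const response = Buffer.from(body);

  // With a callback, a send failure is reported here instead of being emitted
  // as an unhandled 'error' event on the socket.
  server_udp.send(response, 0, response.length, remote.port, remote.address, function (err) {
    if (err) {
      console.error('udp: send failed:', err.message);
    }
  });
});

server_udp.bind(3679, '0.0.0.0');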
We start the web problem as usual, by sending it a request and seeing what it does.
$ curl -v http://yuno.parthkolekar.me:3679
...
* HTTP 1.0, assume close after body
< HTTP/1.0 301 Moved Permanently
< Server: multi-transport-server
< Connection: close
...
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"/><title>wrong transport</title></head><body><h1>wrong transport</h1></body></html>
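We get an awkward response: an HTTP 301, but without any Location
header. Interestingly, the HTTP reply says wrong transport.
This suggests that we need to use a different transport, which could mean a different transport-layer protocol. The source confirms it: the TCP listener on port 3679 answers every request with this page, while the actual request handling sits on a UDP socket bound to the same port. Let us try UDP.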
$ nc -u yuno.parthkolekar.me 3679
GET /
HTTP/1.0 405 Method Not Allowed
Server: multi-transport-server
Connection: close
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"/><title>405 Method Not Allowed</title></head><body><h1>405 Method Not Allowed</h1></body></html>
Whoa! So our hunch was right: it is a UDP server speaking HTTP. A little more experimentation shows that the server accepts an HTTP PUT request. It does not seem to require any body data; it accepts any PUT request.
$ nc -u yuno.parthkolekar.me 3679
PUT /
HTTP/1.0 200 OK
Server: multi-transport-server
Connection: close
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"/><title>Header i-want-flag missing</title></head><body><h1>Header i-want-flag missing</h1></body></html>
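This seems to want a header i-want-flag, so let us give it one. (The command below relies on an echo that expands \n into a newline, as the zsh and dash built-ins do; under bash use echo -e or printf instead.)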
$ echo "PUT /\ni-want-flag: true" | nc -u yuno.parthkolekar.me 3679
HTTP/1.0 200 OK
Server: multi-transport-server
X-Dumbledore: Only a person who wanted to find the flag - find it, but not use it - would be able to get it
Connection: close
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"/><title>Header i-want-flag wrong</title></head><body><h1>Header i-want-flag wrong</h1></body></html>
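This is a fun activity to do now. A little guessing is involved to find out what Dumbledore wants us to do, but we figure it out soon enough: the hint says to ask for the flag without wanting it, and the source confirms that the flag is returned only when the header's value is the string false.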
$ echo "PUT /\ni-want-flag: false" | nc -u yuno.parthkolekar.me 3679
flag: a real testament to a work of art is the number of copies that it has inspired
This is a reference to the fact that this same question was given as a felicity challenge as well, and to the fact that I am getting lazy enough to reuse it and arrogant enough to flaunt that fact instead of hiding it.
Flag
a real testament to a work of art is the number of copies that it has inspired